Open Access. Powered by Scholars. Published by Universities.®

Science and Technology Studies Commons

Open Access. Powered by Scholars. Published by Universities.®

Selected Works

Professor Willy Susilo

Articles 1 - 21 of 21

Full-Text Articles in Science and Technology Studies

Leakage Resilient Authenticated Key Exchange Secure In The Auxiliary Input Model, Guomin Yang, Yi Mu, Willy Susilo, Duncan S. Wong Mar 2014

Leakage Resilient Authenticated Key Exchange Secure In The Auxiliary Input Model, Guomin Yang, Yi Mu, Willy Susilo, Duncan S. Wong

Professor Willy Susilo

Authenticated key exchange (AKE) protocols allow two parties communicating over an insecure network to establish a common secret key. They are among the most widely used cryptographic protocols in practice. In order to resist key-leakage attacks, several leakage resilient AKE protocols have been proposed recently in the bounded leakage model. In this paper, we initiate the study on leakage resilient AKE in the auxiliary input model. A promising way to construct such a protocol is to use a digital signature scheme that is entropically-unforgeable under chosen message and auxiliary input attacks. However, to date we are not aware of any …

Go to article

Multi-Level Controlled Signature, Pairat Thorncharoensri, Willy Susilo, Yi Mu Mar 2014

Multi-Level Controlled Signature, Pairat Thorncharoensri, Willy Susilo, Yi Mu

Professor Willy Susilo

In this work, we present and establish a new primitive called Multi-level Controlled Signature. This primitive allows a signer to specify a security level to limit the verifiability of the signature. This primitive works as follows. Without losing generality, we assume the security levels of a group of users are defined in ascending order, where “A” represents the lowest security level and “Z” represents the highest security level, respectively. When a signer signs a message by specifying a security level “C”, all users who have a security level greater than “C” will be able to verify while other users whose …

Go to article

On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo Mar 2014

On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo

Professor Willy Susilo

Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data …

Go to article

Security Pitfalls Of An Efficient Threshold Proxy Signature Scheme For Mobile Agents, Yong Yu, Yi Mu, Willy Susilo, Man Ho Au Mar 2014

Security Pitfalls Of An Efficient Threshold Proxy Signature Scheme For Mobile Agents, Yong Yu, Yi Mu, Willy Susilo, Man Ho Au

Professor Willy Susilo

A (t,n) threashold proxy signature scheme enables an original signer to delegate his/her signing power to n proxy signers such that any t or more proxy signers can sign messages on behalf of the original signer, but t-1 or less of them cannot produce a valid proxy signature. Based on the RSA cryptosystem, Hong proposed an efficient (t,n) threshold proxy signature for mobile agents. Cai et al. found that the scheme due to Hong is proxy-unprotected , meaning that the original signer can generate a valid proxy signature by himself. However, it is unclear whether the scheme can be used …

Go to article

Secure Single Sign-On Schemes Constructed From Nominative Signatures, Jingquan Wang, Guilin Wang, Willy Susilo Mar 2014

Secure Single Sign-On Schemes Constructed From Nominative Signatures, Jingquan Wang, Guilin Wang, Willy Susilo

Professor Willy Susilo

Single Sign-on (SSO) allows users to only log on once and then access different services via automatic authentication by using the same credential. However, most existing SSO schemes do not satisfy security notions or require a high trust level on a trusted third party (TTP), even though SSO has become popular in new distributed systems and computer networks. Motivated by this fact, we formalise a new security model of single sign-on, which not only satisfies strong security notions but also has a low trust level on TTP. We then propose a generic construction of SSO from nominative signatures, and present …

Go to article

Robust Distributed Privacy-Preserving Secure Aggregation In Vehicular Communication, Bo Qin, Qianhong Wu, Josep Domingo-Ferrer, Willy Susilo Mar 2014

Robust Distributed Privacy-Preserving Secure Aggregation In Vehicular Communication, Bo Qin, Qianhong Wu, Josep Domingo-Ferrer, Willy Susilo

Professor Willy Susilo

Vehicular ad hoc networks (VANETs), formed by computers embedded in vehicles and the traffic infrastructure, are expected to develop in the near future to improve traffic safety and efficiency. To this end, VANETs should be designed to be resistant against various abuses and attacks. In this paper, we first review the existing proposals to provide security, privacy, and data aggregation in vehicle-to-vehicle communication. We then address the fundamental issue of achieving these conflicting properties in a unified solution, having observed that separate efforts cannot fulfill the VANET design objectives. A set of new mechanisms are suggested for efficiently managing identities …

Go to article

Identity Based Identification From Algebraic Coding Theory, Guomin Yang, Chik How Tan, Yi Mu, Willy Susilo, Duncan S. Wong Mar 2014

Identity Based Identification From Algebraic Coding Theory, Guomin Yang, Chik How Tan, Yi Mu, Willy Susilo, Duncan S. Wong

Professor Willy Susilo

Cryptographic identification schemes allow a remote user to prove his/her identity to a verifier who holds some public information of the user, such as the user public key or identity. Most of the existing cryptographic identification schemes are based on number-theoretic hard problems such as Discrete Log and Factorization. This paper focuses on the design and analysis of identity based identification (IBI) schemes based on algebraic coding theory. We first revisit an existing code-based IBI scheme which is derived by combining the Courtois-Finiasz-Sendrier signature scheme and the Stern zero-knowledge identification scheme. Previous results have shown that this IBI scheme is …

Go to article

Fairness In Concurrent Signatures Revisited, Willy Susilo, Man Ho Au, Yang Wang, Duncan S. Wong Mar 2014

Fairness In Concurrent Signatures Revisited, Willy Susilo, Man Ho Au, Yang Wang, Duncan S. Wong

Professor Willy Susilo

Concurrent signature, introduced by Chen, Kudla and Paterson, is known to just fall short to solve the long standing fair exchange of signature problem without requiring any trusted third party (TTP). The price for not requiring any TTP is that the initial signer is always having some advantage over the matching signer in controlling whether the protocol completes or not, and hence, whether the two ambiguous signatures will bind concurrently to their true signers or not. In this paper, we examine the notion and classify the advantages of the initial signer into three levels, some of which but not all …

Go to article

Adaptive Precision Floating Point Lll, Thomas Plantard, Willy Susilo, Zhenfei Zhang Mar 2014

Adaptive Precision Floating Point Lll, Thomas Plantard, Willy Susilo, Zhenfei Zhang

Professor Willy Susilo

The LLL algorithm is one of the most studied lattice basis reduction algorithms in the literature. Among all of its variants, the floating point version, also known as L2, is the most popular one, due to its efficiency and its practicality. In its classic setting, the floating point precision is a fixed value, determined by the dimension of the input basis at the initiation of the algorithm. We observe that a fixed precision overkills the problem, since one does not require a huge precision to handle the process at the beginning of the reduction. In this paper, we propose an …

Go to article

Towards Formalizing A Reputation System For Cheating Detection In Peer-To-Peer-Based Massively Multiplayer Online Games, Willy Susilo, Yang-Wai Chow, Rungrat Wiangsripanawan Mar 2014

Towards Formalizing A Reputation System For Cheating Detection In Peer-To-Peer-Based Massively Multiplayer Online Games, Willy Susilo, Yang-Wai Chow, Rungrat Wiangsripanawan

Professor Willy Susilo

The rapidly growing popularity of Massively Multiplayer Online Games (MMOGs) has given rise to an increase in the number of players world wide. MMOGs enable many players interact together through a shared sense of presence created by the game. The Peer-to-Peer (P2P) network topology overcomes communication bottleneck problems associated with centralized client/server sys- tems. Thus, P2P-based MMOGs are seen as the way of the future, and many dierent P2P-based MMOG architectures have been proposed to date. However, many architectures are proposed in an ad hoc manner and enhancing the security of such systems is an elusive research problem. In this …

Go to article

Identity-Based Data Storage In Cloud Computing, Jinguang Han, Willy Susilo, Yi Mu Mar 2014

Identity-Based Data Storage In Cloud Computing, Jinguang Han, Willy Susilo, Yi Mu

Professor Willy Susilo

Identity-based proxy re-encryption schemes have been proposed to shift the burden of managing numerous files from the owner to a proxy server. Nevertheless, the existing solutions suffer from several drawbacks. First, the access permission is determined by the central authority, which makes the scheme impractical. Second, they are insecure against collusion attacks. Finally, only queries from the same domain (intra-domain) are considered. We note that one of the main applications of identity-based proxy re-encryption schemes is in the cloud computing scenario. Nevertheless, in this scenario, users in different domains can share files with each other. Therefore, the existing solutions do …

Go to article

On Rfid Authentication Protocols With Wide-Strong Privacy, Nan Li, Yi Mu, Willy Susilo, Fuchun Guo, Vijay Varadharajan Mar 2014

On Rfid Authentication Protocols With Wide-Strong Privacy, Nan Li, Yi Mu, Willy Susilo, Fuchun Guo, Vijay Varadharajan

Professor Willy Susilo

Radio frequency identification (RFID) tag privacy is an important issue to RFID security. To date, there have been several attempts to achieve the wide-strong privacy by using zero-knowledge protocols. In this paper, we launch an attack on the recent zero-knowledge based identification protocol for RFID, which was claimed to capture wide-strong privacy, and show that this protocol is flawed. Subsequently, we propose two zero-knowledge based tag authentication protocols and prove that they offer wide-strong privacy.

Go to article

Membership Encryption And Its Applications, Fuchun Guo, Yi Mu, Willy Susilo, Vijay Varadharajan Mar 2014

Membership Encryption And Its Applications, Fuchun Guo, Yi Mu, Willy Susilo, Vijay Varadharajan

Professor Willy Susilo

We propose a new encryption primitive called Membership Encryption. Let P(G) be a privacy-preserving token on a group attribute/identity G, such that given P(G) it is hard to know the attributes in G. In this membership encryption, if an encryption takes as input an attribute A and the token P(G) , the decryption requires holding the membership A ∈ G, i.e., A belongs to this group attribute. Membership encryption is applicable in constructing membership proof A∈P(G) with privacy preserving on group attribute and the membership. Membership encryption can be also utilized to construct an efficient two-round K-out-of-N oblivious transfer protocol. …

Go to article

A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fentong Wen, Willy Susilo, Guomin Yang Mar 2014

A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fentong Wen, Willy Susilo, Guomin Yang

Professor Willy Susilo

In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.'s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we …

Go to article

Efficient Linkable And/Or Threshold Ring Signature Without Random Oracles, Tsz Hon Yuen, Joseph K. Liu, Man Ho Au, Willy Susilo, Jianying Zhou Mar 2014

Efficient Linkable And/Or Threshold Ring Signature Without Random Oracles, Tsz Hon Yuen, Joseph K. Liu, Man Ho Au, Willy Susilo, Jianying Zhou

Professor Willy Susilo

Linkable ring signatures have found many attractive applications. One of the recent important extensions is a linkable threshold ring signature (LTRS) scheme. Unfortunately, the existing LTRS schemes are only secure in the random oracle model (ROM). In this paper, we make the following contributions. First, we construct the first LTRS scheme that is secure without requiring the ROM. Further, we enhance the security of a threshold ring signature (for both linkable or non-linkable) by providing a stronger definition of anonymity. This strengthened notion makes threshold ring signature schemes more suitable in real life. Finally, we provide efficient schemes that outperform …

Go to article

Identity-Based Mediated Rsa Revisited, Ibrahim Elashry, Yi Mu, Willy Susilo Mar 2014

Identity-Based Mediated Rsa Revisited, Ibrahim Elashry, Yi Mu, Willy Susilo

Professor Willy Susilo

In SSYM 2001, Boneh, Ding, Tsudik and Wong presented encryption and signature schemes based on the identity-based mediated RSA (ID-MRSA), in which the users are not allowed to decrypt/sign messages without the permission of a security mediator (the SEM). This allows a simple key revocation. Subsequently, in CT-RSA 2003, Ding and Tsudik presented a security proof for these schemes. In particular, they stated that 'IB-mRSA/OAEP encryption offers equivalent the semantic security to RSA/OAEP against adaptive chosen ciphertext attacks in the random oracle model if the key generation function is division intractable'. To make the key generation function division intractable, Ding …

Go to article

Secure Rfid Ownership Transfer Protocols, Nan Li, Yi Mu, Willy Susilo, Vijay Varadharajan Mar 2014

Secure Rfid Ownership Transfer Protocols, Nan Li, Yi Mu, Willy Susilo, Vijay Varadharajan

Professor Willy Susilo

An RFID tag could change hands many times during its lifetime. In a retail chain, the ownership of the tag is instituted by the supplier who initially owns the tag. In the view of a buyer, the validity of the current tag ownership and the originality of supplier are most important. In typical RFID ownership transfer protocols, the knowledge of the tag's authentication key proves the ownership. However, it is insufficient against an active attacker, since tags are usually lack of tamper-proof protections. Ownership transfer relies on a successful verification of tag's supplier and current ownership. In this paper, we …

Go to article

Improvements On An Authentication Scheme For Vehicular Sensor Networks, Joseph K. Liu, Tsz Hon Yuen, Man Ho Au, Willy Susilo Mar 2014

Improvements On An Authentication Scheme For Vehicular Sensor Networks, Joseph K. Liu, Tsz Hon Yuen, Man Ho Au, Willy Susilo

Professor Willy Susilo

In a recent paper, Shim (2012) presented a very interesting authentication scheme for vehicular sensor networks. Shim claimed that the scheme is secure against the highest adopted level of attack, namely the chosen-message attack (CID-CMA). Nevertheless, we find that the proof in Shim's paper does not actually prove that the scheme is secure in this level. Instead, it can only ensure that the scheme is secure in a strictly weaker level of attack, the adaptive chosen-identity and no-message attack (CID-NMA). In this paper, first we show that there exist some security risks in vehicular networks if a scheme, which is …

Go to article

(Strong) Multi-Designated Verifiers Signatures Secure Against Rogue Key Attack, Yunmei Zhang, Man Ho Allen Au, Guomin Yang, Willy Susilo Mar 2014

(Strong) Multi-Designated Verifiers Signatures Secure Against Rogue Key Attack, Yunmei Zhang, Man Ho Allen Au, Guomin Yang, Willy Susilo

Professor Willy Susilo

Designated verifier signatures (DVS) allow a signer to create a signature whose validity can only be verified by a specific entity chosen by the signer. In addition, the chosen entity, known as the designated verifier, cannot convince any body that the signature is created by the signer. Multi-designated verifiers signatures (MDVS) are a natural extension of DVS in which the signer can choose multiple designated verifiers. DVS and MDVS are useful primitives in electronic voting and contract signing. In this paper, we investigate various aspects of MDVS and make two contributions. Firstly, we revisit the notion of unforgeability under rogue …

Go to article

Identity-Based Multisignature With Message Recovery, Kefeng Wang, Yi Mu, Willy Susilo Mar 2014

Identity-Based Multisignature With Message Recovery, Kefeng Wang, Yi Mu, Willy Susilo

Professor Willy Susilo

We present a new notion of short identity-based multisignature scheme with message recovery. We propose a concrete identity-based multisignature with message recovery scheme based on bilinear pairing in which multiple signers can generate a constant size multisignature on same message regardless of the number of signers. There is no requirement to transmit the original message to the verifier, since the original message can be recovered from the multisignature. Therefore, this scheme minimizes the total length of the original message and the appended multisignature. The proposed scheme is proven to be existentially unforgeable against adaptively chosen message attacks in the random …

Go to article

Public Key Encryption With Keyword Search Secure Against Keyword Guessing Attacks Without Random Oracle, Liming Fang, Willy Susilo, Chunpeng Ge, Jiandong Wang Mar 2014

Public Key Encryption With Keyword Search Secure Against Keyword Guessing Attacks Without Random Oracle, Liming Fang, Willy Susilo, Chunpeng Ge, Jiandong Wang

Professor Willy Susilo

The notion of public key encryption with keyword search (PEKS) was put forth by Boneh et al. to enable a server to search from a collection of encrypted emails given a “trapdoor” (i.e., an encrypted keyword) provided by the receiver. The nice property in this scheme allows the server to search for a keyword, given the trapdoor. Hence, the verifier can merely use an untrusted server, which makes this notion very practical. Following Boneh et al.’s work, there have been subsequent works that have been proposed to enhance this notion. Two important notions include the so-called keyword guessing attack and …

Go to article